The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

JailShell logs

Discussion in 'General Discussion' started by tecwithquestion, Jan 14, 2015.

  1. tecwithquestion

    tecwithquestion Active Member

    Joined:
    Oct 20, 2014
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello

    I have noticed that user who have jail shell access , he can access 80% of server data.

    and this is very risky.

    Is there any way to prevent this ? or is there any way to copy all users commands execuated via jailshell to safe location so that he can not clear those ?

    in bash history it gets saved but user can remove / clear those entries
     
  2. MilesWeb

    MilesWeb Well-Known Member
    PartnerNOC

    Joined:
    May 23, 2012
    Messages:
    174
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Which files can be read with the jail shell access ? Could you confirm which files can be modified which are outside his account ?
     
  3. tecwithquestion

    tecwithquestion Active Member

    Joined:
    Oct 20, 2014
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    many folders of servers
     
    #3 tecwithquestion, Jan 15, 2015
    Last edited: Jan 15, 2015
  4. MilesWeb

    MilesWeb Well-Known Member
    PartnerNOC

    Joined:
    May 23, 2012
    Messages:
    174
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Yes, you should be able to view them. However, if these folders have actual data, you won't have access to it. Kindly provide with any such folder under which you can view the files and read them.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,814
    Likes Received:
    672
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    This is standard due to the nature of how the filesystem works on Linux. Note that while you may be able to view some directories outside of /home, all account-specific data should be restricted. Additional documentation is available at:

    VirtFS (Jailed Shell)

    Thank you.
     
  6. tecwithquestion

    tecwithquestion Active Member

    Joined:
    Oct 20, 2014
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Okay. I will look for it. how can I get the jailshell lock for user for which jailshell is enabled.

    can I make copy of his history file somewhere on server ?

    home/user/.bash.history is not good file. He can clean that file (if he is having good exp on linux)
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,814
    Likes Received:
    672
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  8. tecwithquestion

    tecwithquestion Active Member

    Joined:
    Oct 20, 2014
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Sorry . I mean to say jailshell logs. I did typo error.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,814
    Likes Received:
    672
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page